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Response to Arguments 

Applicant's arguments filed one June 18, 2004 have been fully considered but 
they are not persuasive. 

Applicant discloses packet filtering by opening and closing a pinhole in a firewall 
to permit the flow of packet data, based on whether or not the access conditions are 
met (i.e., the source and destination address in the packet header)(Specification, Page 
2, lines 1-13). Cain discloses packet filtering by establishing and closing a bypass 
communication route around the communication router to allow communication between 
preselected combinations of machines located on opposite sides of the firewall based 
on whether or not the filter conditions are met (Cain, Col. 2, lines 5-58). 

Applicant argues that Cain fails to disclose the concept of a firewall pinhole as 
the applicant discloses it in the specification: "... a pinhole opening in the firewall may 
also be referred to as a packet filter ... ". Packet filtering is well known to one skilled in 
the art and Cain specifically discloses as: " A firewall router is essentially a packet filter, 
allowing communication between selected combinations of internal and external 
machines" (Col. 1, lines 40-62). Also, Cain discloses providing a method and system to 
provide access from outside a firewall router to a selected server (Col. 2, lines 5-30). 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
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A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claims 1-3, 5, 8, 12, 15-17, 21, and 25-27 are rejected under 35 U.S.C. 102(b) 
as being anticipated by Cain, (U.S. Patent No. 5,778,174 and Cain hereinafter). 

Regarding claim 1, Cain discloses a method of remotely controlling a firewall 
from a firewall controller (Fig. 1 , element 16) in order to permit the flow of packet data 
through said firewall, the method comprising: 

sending a request message from a firewall controller (i.e., firewall router, Fig. 1, 
element 16) to a firewall requesting that a pinhole (i.e., bypass route) be opened, and 
opening a pinhole in said firewall (i.e., establishing first and second communication 
channels based on client's request)(Col. 3, lines 14-67 and Col. 4, lines 1-2); 

sending a request message from a firewall controller (i.e., firewall router, Fig. 1, 
element 16) to said firewall requesting that a pinhole (i.e., bypass route) be closed, and 
closing said pinhole (i.e., closing second and first communication channels based on 
server's request)(Col. 4, lines 3-15). 

Regarding claim 2, Cain discloses further comprising: 
determining the need for a pinhole (i.e., bypass route) in said firewall (Col. 2, 
lines 40-67 and Col. 3, lines 1-14). 
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Regarding claim 3, Cain discloses wherein said step of determining occurs at 
said firewall controller (i.e., firewall router, Fig. 1 , element 16, is essentially a packet 
filter allowing communication between pre-selected combinations of machines located 
on opposite sides of the firewall )(Col. 2, lines 50-58). 

Regarding claim 5, Cain discloses further including the step of determining the 
need for a pinhole prior to sending a request that a pinhole be opened (i.e., packets 
which do not satisfy filter conditions are discarded by the firewall router)(Col. 2, lines 50- 
58). 

Regarding claim 8, Cain discloses a firewall controller (i.e., firewall router) for 
permitting the flow of packet data (i.e., filtering packets), said firewall controller 
comprising: 

means for determining a need for a pinhole in a firewall (Col. 2, lines 40-57); 

i 

means for sending a request message to said firewall requesting that a pinhole 
be opened in said firewall (Col. 3, lines 15-67); and 

means for sending a request message to said firewall requesting that said 
pinhole be closed in said firewall (Col. 4, lines 1-22). 

Regarding claim 12, Cain discloses a firewall responsive to a firewall controller 
(i.e., firewall router) for permitting the flow of packet data (i.e., filtering packets), said 
firewall comprising: 
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means (i.e., hardware or software or combination of the both) for receiving a 
request message from said firewall controller requesting that a pinhole be opened in 
said firewall, means for opening a pinhole in said firewall (Col. 3, lines 15-67); 

means for receiving a request message from said firewall controller requesting 
that said pinhole be closed in said firewall, and means for closing said pinhole in said 
firewall (Col. 4, lines 1-22). 

Regarding claim 15, Cain discloses a firewall responsive to a media gateway 
controller (i.e., firewall router) for permitting the flow of packet data (i.e., filtering 
packets), said firewall comprising: 

means for receiving a request message from said media gateway controller (i.e., 
firewall router) requesting that a pinhole be opened in said firewall, means for opening a 
pinhole in said firewall (Col. 3, lines 15-67); 

means for receiving a request message from said media gateway controller (i.e., 
firewall router) requesting that said pinhole be closed in said firewall, and means for 
closing said pinhole in said firewall (Col. 4, lines 1-22). 

Regarding claim 16, Cain discloses a computer program product for remotely 
controlling a firewall from a firewall controller (i.e., firewall router) in order to permit the 
flow of packet data through said firewall, the computer program product having a 
medium with a computer program embodied thereon, the computer program product 
comprising: 
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computer program code in said firewall controller for sending a request message 
to said firewall requesting that a pinhole be opened, and computer program code for 
sending a request message to said firewall requesting that a pinhole be opened in said 
firewall (Col. 3, lines 15-65); and 

computer program code for sending a request message to said firewall 
requesting that said pinhole be closed in said firewall (Col. 3, lines 65-67 and Col. 4, 
lines 1-22). 

Regarding claim 17, Cain discloses further comprising: 
computer program code in said firewall controller for determining the need for a 
pinhole in said firewall (Col. 2, lines 40-57). 

Regarding claim 21 , Cain discloses a computer program product in a firewall 
controller, said firewall controller operative with a firewall, the computer program product 
having a medium with a computer program embodied thereon, the computer program 
product comprising: 

computer program code for determining the need for a pinhole in said firewall 
(Col. 2, lines 40-57); 

computer program code for sending a request message to said firewall 
requesting that a pinhole be opened in said firewall, and computer program code for 
sending a request message to said firewall requesting that said pinhole be closed in 
said firewall (Col. 3, lines 15-67 and Col. 4, lines 1-22). 
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Regarding claim 25, Cain discloses a computer program product in a firewall, 
said firewall responsive to a firewall controller, the computer program product having a 
medium with a computer program embodied thereon, the computer program product 
comprising: 

computer program code for receiving a request message from said firewall 
controller requesting that a pinhole be opened in said firewall, computer program code 
for opening a pinhole in said firewall (Col. 3, lines 15-65); 

computer program code for receiving a request message from said firewall 
controller requesting that said pinhole be closed in said firewall, and computer program 
code for closing said pinhole in said firewall (Col. 4, lines 1-22). 

Regarding claim 26, Cain discloses a computer program product in a firewall, 
said firewall responsive to a media gateway controller (i.e., firewall router), the computer 
program product having a medium with a computer program embodied thereon (i.e., 
some sort of storage device, namely a hard disk), the computer program product 
comprising: 

computer program code for receiving a request message from said media 
gateway controller requesting that a pinhole be opened in said firewall, computer 
program code for opening a pinhole in said firewall (Col. 3, lines 15-65); 
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computer program code for receiving a request message from said media 
gateway controller requesting that said pinhole be closed in said firewall, and computer 
program code for closing said pinhole in said firewall (Col. 4, lines 1-22). 

Regarding claim 27, Cain discloses a computer system for remotely controlling a 
firewall from a firewall controller (i.e., firewall router) comprising: 

a firewall operatively connected to a private computer network (Fig. 1 , element 
12) and at least one external computer network (Fig. 1 , element 14)(Col. 2, lines 40-67 
and Col. 3, lines 1-25); 

a firewall controller (Fig. 1 , element 16) operatively connected to said firewall for 
remotely instructing said firewall to open and close pinholes in said firewall (Col. 3, lines 
25-67 and Col. 4, lines 1-15). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 4, 6, 9, 11, 13, 18, 20, 22, 24, 28, and 29 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Cain, (U.S. Patent No. 5,778,174 and Cain 
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hereinafter) in view of Kimchi et al., (U.S. Publication No. 2002/0120760 and Kimchi 
hereinafter). 

Teachings of Cain have been disclosed previously. 

Regarding claims 4, 1 1 , 20, and 24, Cain does not expressly disclose wherein 
said firewall controller is a media gateway controller. 

However, Kimchi discloses wherein said firewall controller is a media gateway 
controller (i.e., Media Gateway Control Protocol on a network device such as a router 
results in a media gateway controller for controlling media gateways to set up media, for 
example, voice traffic paths through the distributed network)(Page 4, Par. 0036 and 
Page 6, Par. 0081-0095). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of Cain with the teachings of 
Kimchi to include a Media Gateway Control protocol in the firewall router and the 
support of H.225.0 FastStart for signaling in the client machine with the motivation to 
simplify standards for VoIP technology by eliminating the need for complex and 
processor-intense IP telephony devices, this lowering the cost of these terminals 
(Kimchi, Page 4, Par. 0036). 

Regarding claims 6, 9, 13, 18 and 22, Cain does not expressly disclose wherein 
said request messages are formatted in the H.248 protocol. 
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However, Kimchi discloses wherein said request messages (i.e., voice traffic) are 
formatted in the H.248 protocol (Page 4, Par. 0036). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of Cain with the teachings of 
Kimchi to include a Media Gateway Control protocol/Megaco or H.248 in the firewall 
router with the motivation to simplify standards for VoIP technology by eliminating the 
need for complex and processor-intense IP telephony devices, this lowering the cost of 
these terminals (Kimchi, Page 4, Par. 0036). 

Regarding claim 28, Cain does not expressly disclose wherein said firewall 
controller is a media gateway controller acting as a call server in a VoIP telephony 
network. 

However, Kimchi discloses wherein said firewall controller is a media gateway 
controller acting as a call server in a VoIP telephony network (i.e., Media Gateway 
Control Protocol on a network device such as a router results in a media gateway 
controller for controlling media gateways to set up media, for example, voice traffic 
paths through the distributed network)(Page 4, Par. 0036 and Page 6, Par. 0081-0095). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of Cain with the teachings of 
Kimchi to include a Media Gateway controller acting as a call server in a VoIP 
telephony network with the motivation to simplify standards for VoIP technology by 
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eliminating the need for complex and processor-intense IP telephony devices, this 
lowering the cost of these terminals (Kimchi, Page 4, Par. 0036). 

Regarding claim 29, Cain does not expressly disclose a media gateway 
controller. 

However, Kimchi discloses wherein said media gateway controller instructs said 
firewall to open and close pinholes in said firewall such that media gateway endpoints 
within said private network can communicate with media gateway endpoints outside 
said private network on a per call basis (i.e., media gateway controller controls media 
gateways to set up media, for example, voice traffic paths through the distributed 
network)(Page 4, Par. 0036 and Page 6, Par. 0081-0095). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of Cain with the teachings of 
Kimchi to include a media gateway controller that instructs the firewall to open and 
close pinholes in said firewall with the motivation to simplify standards for VoIP 
technology by eliminating the need for complex and processor-intense IP telephony 
devices, this lowering the cost of these terminals (Kimchi, Page 4, Par. 0036). 

Claims 7,10, 14, 19, and 23 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Cain, (U.S. Patent No. 5,778,174 and Cain hereinafter) in view of 
Putzolu et al., (U.S. Patent No. 6,611,864 and Putzolu hereinafter). 
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Teachings of Cain have been disclosed previously. 

Regarding claims 7, 10, 14, 19, and 23, Cain does not expressly disclose 
wherein said request messages are formatted in the common open policy services 
(COPS) protocol. 

However, Putzolu discloses wherein said request messages are formatted in the 
common open policy services (COPS) protocol (Col. 3, lines 1-67 and Col. 4, lines 1- 
35). 

Therefore, it would have been obvious to a person of ordinary skill in the art at 
the time of applicant's invention to modify the teachings of Cain with the teachings of 
Putzolu to include common open policy services protocol and COPS request 
messages with the motivation to provide for a powerful means of managing computer 
networks (Putzolu, Col. 2, lines 10-20). 

Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 .1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 



examiner should be directed to Arezoo Sherkat whose telephone number is (571) 272- 
3796. The examiner can normally be reached on 8:00-4:30 Monday-Friday. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571 ) 272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Any inquiry concerning this communication or earlier communications from the 
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